| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:kmap-jenkins | maven | = 1.6 |

The vulnerability stems from credentials being stored unencrypted in job config.xml files. Jenkins plugins typically use the Credentials API for secure storage, but Kmap Plugin's builder class (KMapBuilder) likely directly serializes credentials into XML. The constructor and credential accessor methods would handle plaintext credential storage. While no specific code is provided, the pattern matches other Jenkins plugin vulnerabilities where credentials are improperly persisted without encryption.
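To check an instance for this storage pattern, the following audit script (an added example, not code from the plugin or the advisory) walks each job config.xml and reports credential-like elements whose value is not in the brace-wrapped encrypted form that `hudson.util.Secret` writes. The sample XML, the `example.KMapBuilder` element, and its field names are constructed for illustration; the name heuristic is an assumption.

```python
import re
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

# Element names that suggest a credential (heuristic chosen for this example).
SENSITIVE = re.compile(r"pass(word|wd)?|secret|token|api_?key", re.I)
# hudson.util.Secret serializes encrypted values as base64 wrapped in braces.
ENCRYPTED = re.compile(r"^\{[A-Za-z0-9+/=]+\}$")
# Jenkins writes an XML 1.1 declaration, which Python's expat parser rejects.
XML_DECL = re.compile(r"^\s*<\?xml[^>]*\?>")

# Constructed sample; the builder element and its field names are hypothetical.
SAMPLE_CONFIG = """<?xml version='1.1' encoding='UTF-8'?>
<project>
  <builders>
    <example.KMapBuilder>
      <username>deploy</username>
      <password>hunter2</password>
      <apiToken>{AQAAABAAAAAQc2FtcGxlLWNpcGhlcnRleHQ=}</apiToken>
    </example.KMapBuilder>
  </builders>
</project>"""

def find_plaintext_secrets(config_xml):
    """Return paths of credential-like elements whose value is not encrypted.

    Only the path is reported, so the audit output never contains the secret.
    """
    findings = []

    def walk(node, path):
        here = f"{path}/{node.tag}"
        value = (node.text or "").strip()
        if value and SENSITIVE.search(node.tag) and not ENCRYPTED.match(value):
            findings.append(here)
        for child in node:
            walk(child, here)

    walk(ET.fromstring(XML_DECL.sub("", config_xml, count=1)), "")
    return findings

if __name__ == "__main__":
    # Usage: python audit.py "$JENKINS_HOME"; nested folders are covered by rglob.
    for cfg in Path(sys.argv[1], "jobs").rglob("config.xml"):
        for hit in find_plaintext_secrets(cfg.read_text(encoding="utf-8")):
            print(f"{cfg}: {hit}")
```

Values that older Jenkins releases wrote as bare base64 without braces will also be flagged and need manual review.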